Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/63586974-b35a-4b49-953d-2bcf6d3fd94e.roa
File:                     63586974-b35a-4b49-953d-2bcf6d3fd94e.roa (raw, json)
Hash identifier:          tW+Lm8ZiZQ48wLHDsyYXyje85dMIn2zufhmfvddU2N8=
Subject key identifier:   63:D9:5A:87:E5:42:0E:68:05:DC:D9:20:B1:D4:B6:B7:B5:6D:F4:E9
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1A6CAF05E6DDE9D4C88246F552D8E89F30FD948B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/63586974-b35a-4b49-953d-2bcf6d3fd94e.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f000:8000::/39 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:6c:af:05:e6:dd:e9:d4:c8:82:46:f5:52:d8:e8:9f:30:fd:94:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=87c96b98050fde0b98a79af392b467a1a23b2dedec67db1f03fa580535c98bb5, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:8e:71:09:b1:8e:5a:f8:d9:5e:fd:88:17:d9:
                    18:bf:78:76:4b:2c:e9:b6:1f:46:d2:55:08:db:e0:
                    58:7e:09:ae:f6:ad:31:76:e3:84:f6:03:af:91:3d:
                    aa:e6:88:e6:cb:db:17:f2:82:e3:34:eb:60:12:22:
                    df:aa:dc:93:02:45:25:6b:6b:cf:cf:08:1e:37:fb:
                    af:f4:df:c0:24:5a:f1:0c:c1:e0:65:99:1e:14:bb:
                    dc:77:5c:da:55:fd:44:97:39:4f:0e:6a:61:79:a8:
                    03:ce:71:f1:e5:f6:35:38:fc:1d:24:ea:df:d4:d6:
                    e1:45:d7:6e:84:84:d1:c1:ee:d5:66:42:8d:3b:20:
                    ff:0e:30:1e:7b:be:77:bd:04:e3:f3:3a:94:1a:75:
                    f9:7e:91:f5:92:90:fd:0b:77:08:41:02:ad:8e:b1:
                    58:40:4f:2b:ab:f7:55:2a:2b:e2:b4:70:a3:b8:99:
                    75:a0:e5:93:ed:8f:57:99:7b:77:a5:5e:97:39:a1:
                    03:b1:b1:ce:8e:96:8a:b2:95:34:eb:fd:a1:6b:1d:
                    a8:2d:e2:85:63:9c:39:69:27:18:9e:8f:a0:f4:1e:
                    f5:69:66:3f:b8:c5:e1:15:46:85:a0:83:a3:5a:f7:
                    a6:4c:fd:81:58:26:91:1e:8d:4c:d3:1d:e1:83:01:
                    e3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:D9:5A:87:E5:42:0E:68:05:DC:D9:20:B1:D4:B6:B7:B5:6D:F4:E9
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/63586974-b35a-4b49-953d-2bcf6d3fd94e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f000:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         a2:9e:d9:f9:a3:bf:10:fb:c4:e5:57:b5:af:8d:88:eb:22:24:
         09:5b:7c:09:94:ae:9b:cf:1c:35:cf:5f:98:27:cc:5d:3c:34:
         6d:a8:7f:2e:1c:74:88:b8:a4:97:74:5c:5b:5b:20:cc:0c:1c:
         df:4f:fd:d6:75:c1:54:80:26:10:b4:2b:46:97:82:3b:a1:35:
         33:df:b3:99:51:c9:11:fc:a6:b9:e7:ff:c9:88:eb:ce:06:dc:
         a8:0f:9b:db:a8:42:5b:5c:a3:79:65:65:12:17:89:e9:88:1f:
         68:89:f4:5a:f8:d9:79:e2:96:72:ff:cd:64:50:ce:85:e9:0a:
         56:c5:db:e7:5a:73:5e:b7:b8:a8:3d:ab:06:0f:94:ef:48:79:
         6b:d7:fa:f1:78:1a:c4:a9:82:51:71:89:e7:b0:fc:b8:e7:b1:
         ce:48:72:48:5b:70:bc:c3:92:66:c0:3d:8f:ea:e3:d9:00:2f:
         fd:5f:c3:ee:45:96:5b:79:3b:8f:c7:90:2a:93:e3:34:3b:21:
         f6:0e:2b:06:a4:74:4f:46:3c:a5:08:01:0f:f2:9f:7a:e0:4f:
         cb:65:73:fd:de:7c:63:04:de:6d:32:3c:21:b5:eb:ca:7d:0b:
         1b:81:89:66:28:4d:71:d2:de:52:cf:97:d1:c4:0c:26:7f:93:
         77:b7:e1:5d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUGmyvBebd6dTIgkb1UtjonzD9lIswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4N2M5NmI5ODA1MGZkZTBiOThhNzlhZjM5MmI0NjdhMWEy
M2IyZGVkZWM2N2RiMWYwM2ZhNTgwNTM1Yzk4YmI1MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDrjnEJsY5a+Nle/YgX2Ri/eHZLLOm2H0bSVQjb4Fh+Ca72
rTF244T2A6+RParmiObL2xfyguM062ASIt+q3JMCRSVra8/PCB43+6/038AkWvEM
weBlmR4Uu9x3XNpV/USXOU8OamF5qAPOcfHl9jU4/B0k6t/U1uFF126EhNHB7tVm
Qo07IP8OMB57vne9BOPzOpQadfl+kfWSkP0LdwhBAq2OsVhATyur91UqK+K0cKO4
mXWg5ZPtj1eZe3elXpc5oQOxsc6OloqylTTr/aFrHagt4oVjnDlpJxiej6D0HvVp
Zj+4xeEVRoWgg6Na96ZM/YFYJpEejUzTHeGDAePDAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUY9lah+VCDmgF3NkgsdS2t7Vt9OkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzYzNTg2OTc0LWIzNWEtNGI0OS05NTNkLTJiY2Y2ZDNmZDk0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAPAAgDANBgkqhkiG9w0BAQsFAAOCAQEAop7Z+aO/EPvE5Ve1r42I6yIk
CVt8CZSum88cNc9fmCfMXTw0bah/Lhx0iLikl3RcW1sgzAwc30/91nXBVIAmELQr
RpeCO6E1M9+zmVHJEfymuef/yYjrzgbcqA+b26hCW1yjeWVlEheJ6YgfaIn0WvjZ
eeKWcv/NZFDOhekKVsXb51pzXre4qD2rBg+U70h5a9f68XgaxKmCUXGJ57D8uOex
zkhySFtwvMOSZsA9j+rj2QAv/V/D7kWWW3k7j8eQKpPjNDsh9g4rBqR0T0Y8pQgB
D/KfeuBPy2Vz/d58YwTebTI8IbXryn0LG4GJZihNcdLeUs+X0cQMJn+Td7fhXQ==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org